Abstract:

For today’s society constantly moving, it was necessary to develop and implement a new technology model that offers certain characteristics such as dynamism, agility and scalability to meet business and household needs, the cloud computing technology. As information has become the most important asset in an organization and the use of cloud involves certain security challenges, some activities of pentesting and auditing are needed. Vulnerability Assessment and Penetration Testing (VAPT) processes are used for assessing vulnerabilities and possible security breaches in the network, servers or infrastructure and to reduce the risk of being exploited by attackers. The first part of the paper presents the VAPT process for cloud services and the second part analyze the testing methodology proposed by Cloud Security Alliance, by comparison with traditional architectures.